I've been following this thread not really out of need but rather that it is really interesting. That said, I don't think for security you want to "escape" the web root. The risk is that might aid a traversal attack.
Original Message From: hobso...@gmail.com Sent: August 30, 2019 12:01 PM To: nginx@nginx.org Reply-to: nginx@nginx.org Subject: Re: Allow internal redirect to URI x, but deny external request for x? Hi Lewis, On 30/08/19 18:33, J. Lewis Muir wrote: > Hello! > > I'm using nginx 1.12.2 on RHEL 7, and I've got a FastCGI web app that > uses a deployment structure which uses an atomic symlink change for an > atomic app deploy, and I'm wishing to be able to do an internal redirect > in nginx to URL x, but deny an external request to the same URL x so > that I don't serve the same content at more than one URL. Is there a > way to do that? > You could place the different versions away from the root so they cannot be obtained from the web. Then they can be served by setting up a symlink to the desired version. This can be changed using "ln -sfn version/dir serving/root" and then restarting nginx to pick up the new version. By not using redirects, this method should be more efficient. Regards Ian -- Ian Hobson _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx